Re: Reg. packaging pam-kwallet for Debian

2015-01-12 Thread Àlex Fiestas
On Sunday 26 October 2014 14:43:14 you wrote:
 On Saturday 25 October 2014 08:31 PM, Àlex Fiestas wrote:
  Will check this out and take care of it. Thanks.
 
 Thanks Alex. Do update this thread once you are done.
 
 - Rahul.
Hey

I just wanted to say that I haven't had time to look into this, sorry :/

It is still on my todo and will get into it as soon as possible.

Best,
Àlex.

signature.asc
Description: This is a digitally signed message part.
-- 
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk

Re: Reg. packaging pam-kwallet for Debian

2014-10-26 Thread Rahul Amaram


On Saturday 25 October 2014 08:31 PM, Àlex Fiestas wrote:

Will check this out and take care of it. Thanks.

Thanks Alex. Do update this thread once you are done.

- Rahul.

--
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk


Re: Reg. packaging pam-kwallet for Debian

2014-10-25 Thread Àlex Fiestas
On Friday 24 October 2014 02:17:44 Rahul Amaram wrote:
 On Thursday 23 October 2014 05:08 PM, Maximiliano Curia wrote:
  ¡Hola Rahul!
  
  El 2014-10-23 a las 11:44 +0200, Maximiliano Curia escribió:
  I'm not sure about the socket file in /tmp. The file name is predictable
  and it's even logged before use... oh, it's never used, mmh.
  
  No, it's used in kde-workspace-bin's startkde, to set the session
  environment. As a result, using pam-kwallet on anything but kde will
  leave a kded hanged waiting for the environment socket to be readable.
  
  This needs a proper fix.
 
 CC'ing the upstream author(s) for his input. I don't think I can do bug
 fixes in the code as I don't have sufficient context. I intend to mainly
 take care of packaging it :).
Will check this out and take care of it. Thanks.

signature.asc
Description: This is a digitally signed message part.
-- 
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk

Re: Reg. packaging pam-kwallet for Debian

2014-10-23 Thread Maximiliano Curia
¡Hola Rahul!

El 2014-10-23 a las 05:09 +0530, Rahul Amaram escribió:
 Totally understand and appreciate this. I didn't think that a package in 
 Ubuntu
 mainstream would need so much review.

Yeah, well, it happens, we are more picky/we aim to have higher quality
software (I guess a bit of both).

 Agreed. But it would be great if we can have this in Debian Jessie. Is it 
 still
 possible?

I don't know, a new package needs to pass the new queue, which usualy takes
some time to graduate from. And then it's 10 days to pass from unstable to
jessie, so, most probably, no. But I guess we can push the backport package
once jessie is released.

 In the code I don't see any obvious errors, but I'm not an expert in pam
 modules, some comments though:
 In kwallet_hash, after the call to error = gcry_kdf_derive(..) it's not
 checking in error returned something.

 In prompt_for_password, the memset in the lines:
 struct pam_response *response = NULL;
 memset (response, 0, sizeof(response));
 is redundant.

 I have not reviewed the upstream code (not sure if I'll be able to understand
 it also). Also, I prefer to leave upstream code unchanged unless it breaks
 something or has some security or performance issues.

It's always a good idea to try to understand some of it.

I'm not sure about the socket file in /tmp. The file name is predictable and
it's even logged before use... oh, it's never used, mmh.

 You can get the source at https://github.com/amaramrahul/pam-kwallet

Ok.

-- 
Don't let what you cannot do interfere with what you can do.
-- Wooden's Rule
Saludos /\/\ /\  `/


signature.asc
Description: Digital signature
-- 
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk

Re: Reg. packaging pam-kwallet for Debian

2014-10-23 Thread Maximiliano Curia
¡Hola Rahul!

El 2014-10-23 a las 11:44 +0200, Maximiliano Curia escribió:
 I'm not sure about the socket file in /tmp. The file name is predictable and
 it's even logged before use... oh, it's never used, mmh.

No, it's used in kde-workspace-bin's startkde, to set the session environment.
As a result, using pam-kwallet on anything but kde will leave a kded hanged
waiting for the environment socket to be readable.

This needs a proper fix.
-- 
“There are two ways of constructing a software design.  One way is to make it
so simple that there are obviously no deficiencies. And the other way is to
make it so complicated that there are no obvious deficiencies.
-- C.A.R. Hoare
Saludos /\/\ /\  `/


signature.asc
Description: Digital signature
-- 
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk

Re: Reg. packaging pam-kwallet for Debian

2014-10-23 Thread Rahul Amaram


On Thursday 23 October 2014 05:08 PM, Maximiliano Curia wrote:

¡Hola Rahul!

El 2014-10-23 a las 11:44 +0200, Maximiliano Curia escribió:

I'm not sure about the socket file in /tmp. The file name is predictable and
it's even logged before use... oh, it's never used, mmh.

No, it's used in kde-workspace-bin's startkde, to set the session environment.
As a result, using pam-kwallet on anything but kde will leave a kded hanged
waiting for the environment socket to be readable.

This needs a proper fix.
CC'ing the upstream author(s) for his input. I don't think I can do bug 
fixes in the code as I don't have sufficient context. I intend to mainly 
take care of packaging it :).


Thanks,
Rahul.

--
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk

Re: Reg. packaging pam-kwallet for Debian

2014-10-22 Thread Rahul Amaram

Comments inline.

On Tuesday 21 October 2014 06:28 PM, Maximiliano Curia wrote:

¡Hola Rahul!

The review process involves checking and fixing the packaging, and checking
upstream code for possible errors/incompatibilities with the way things are
done in the distribution. It takes time from both of us.
Totally understand and appreciate this. I didn't think that a package in 
Ubuntu mainstream would need so much review.


My ultra motive to offer you to review the package is to have more members
engaged in the team, not to push things that are not up to the quality expected
in Debian.
Agreed. But it would be great if we can have this in Debian Jessie. Is 
it still possible?

There are a couple of fixes in the upstream git, last commit is 2014-05-08,
you might want to include those.

Done.

To be under the kde team umbrella the package should be something like:
Maintainer: Debian/Kubuntu Qt/KDE Maintainers debian-qt-...@lists.debian.org
or:
Maintainer: Debian KDE Extras Team pkg-kde-ext...@lists.alioth.debian.org
or:
Maintainer: Debian Krap Maintainers debian-qt-...@lists.debian.org

The field: XSBC-Original-Maintainer is not considered valid in Debian
packages.

Add add yourself to the Uploaders list.

Done.


In the debian/copyright file:
Source: url://example.com
Please update the template to point to the upstream git repository.

Done.


Also in the debian/copyright file, the debian/* path is licensed under a more
restrictive license than the upstream code (GPL, and LGPL respectively), this
kind of licensing could block patches in the debian package from ever be
applied upstream and should be avoided. I pinged Rohan about this.

Ok.


In Debian the pam modules are named libpam-$module, please rename the binary
package.

Done.


The description provides almost no information, please extend it. Consider
using the kwalletmanager description, and adding a paragraph about the pam
module (ala libpam-gnome-keyring).
Done. I also added a README file describing the prerequisites and 
necessary configuration.


It's a good idea to set the build dependencies versions to (at least) the ones
listed in the CMakeLists.txt, in this case cmake (= 2.8.8) and
libgcrypt11-dev (= 1.5.0).

Done.


In the code I don't see any obvious errors, but I'm not an expert in pam
modules, some comments though:
In kwallet_hash, after the call to error = gcry_kdf_derive(..) it's not
checking in error returned something.

In prompt_for_password, the memset in the lines:
 struct pam_response *response = NULL;
 memset (response, 0, sizeof(response));
is redundant.
I have not reviewed the upstream code (not sure if I'll be able to 
understand it also). Also, I prefer to leave upstream code unchanged 
unless it breaks something or has some security or performance issues.

Also, the normal review process is done via mentors.debian.net, where you
could upload the package and send a RFS, I prefer using a git repository where
I can see the changes made, and afterwards integrate the changes in a repository
for the package, either one is fine, or even an uri where I can fetch the
package source (I don't care about the binary file).

You can get the source at *https://github.com/amaramrahul/pam-kwallet*


In any case, I would prefer not to have the packages as attachments, specially
in bugs and the team mailing lists, so, unless you can't publish the files
somewhere else, please avoid sending them like so. And if you really have to
send the files as attachments, please send them via direct mail, without
copies.

Point noted.


Thanks,


Looking forward to your response.

Thanks,
Rahul.
-- 
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk

Re: Reg. packaging pam-kwallet for Debian

2014-10-21 Thread Maximiliano Curia
¡Hola Rahul!

El 2014-10-21 a las 01:26 +0530, Rahul Amaram escribió:
 Apologies for the delay. Had been caught up with some work.
 Kindly review and upload to Debian.

The review process involves checking and fixing the packaging, and checking
upstream code for possible errors/incompatibilities with the way things are
done in the distribution. It takes time from both of us.

My ultra motive to offer you to review the package is to have more members
engaged in the team, not to push things that are not up to the quality expected
in Debian.

 Version: 0.0~git20140429-1

There are a couple of fixes in the upstream git, last commit is 2014-05-08,
you might want to include those.

 Maintainer: Rahul Amaram amaramra...@users.sourceforge.net

To be under the kde team umbrella the package should be something like:
Maintainer: Debian/Kubuntu Qt/KDE Maintainers debian-qt-...@lists.debian.org
or:
Maintainer: Debian KDE Extras Team pkg-kde-ext...@lists.alioth.debian.org
or:
Maintainer: Debian Krap Maintainers debian-qt-...@lists.debian.org

The field: XSBC-Original-Maintainer is not considered valid in Debian
packages.

Add add yourself to the Uploaders list.

In the debian/copyright file:
Source: url://example.com
Please update the template to point to the upstream git repository.

Also in the debian/copyright file, the debian/* path is licensed under a more
restrictive license than the upstream code (GPL, and LGPL respectively), this
kind of licensing could block patches in the debian package from ever be
applied upstream and should be avoided. I pinged Rohan about this.

In Debian the pam modules are named libpam-$module, please rename the binary
package.

The description provides almost no information, please extend it. Consider
using the kwalletmanager description, and adding a paragraph about the pam
module (ala libpam-gnome-keyring).

It's a good idea to set the build dependencies versions to (at least) the ones
listed in the CMakeLists.txt, in this case cmake (= 2.8.8) and
libgcrypt11-dev (= 1.5.0).

In the code I don't see any obvious errors, but I'm not an expert in pam
modules, some comments though:
In kwallet_hash, after the call to error = gcry_kdf_derive(..) it's not
checking in error returned something.

In prompt_for_password, the memset in the lines:
struct pam_response *response = NULL;
memset (response, 0, sizeof(response));
is redundant.

Also, the normal review process is done via mentors.debian.net, where you
could upload the package and send a RFS, I prefer using a git repository where
I can see the changes made, and afterwards integrate the changes in a repository
for the package, either one is fine, or even an uri where I can fetch the
package source (I don't care about the binary file).

In any case, I would prefer not to have the packages as attachments, specially
in bugs and the team mailing lists, so, unless you can't publish the files
somewhere else, please avoid sending them like so. And if you really have to
send the files as attachments, please send them via direct mail, without
copies.

Thanks,
-- 
“There are two ways of constructing a software design.  One way is to make it
so simple that there are obviously no deficiencies. And the other way is to
make it so complicated that there are no obvious deficiencies.
-- C.A.R. Hoare
Saludos /\/\ /\  `/


signature.asc
Description: Digital signature
-- 
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk

Re: Reg. packaging pam-kwallet for Debian

2014-10-20 Thread Rahul Amaram

On Thursday 16 October 2014 01:29 PM, Maximiliano Curia wrote:

But, if you prepare the package and intend to maintain it I won't mind
reviewing it. Happy hacking,


Apologies for the delay. Had been caught up with some work.

Kindly review and upload to Debian. I am not a DD, so cannot upload it 
to Debian. Also, I've heard that new package takes about 10 days to get 
into unstable. So, you might want to expedite this.


Thanks,
Rahul.

Format: 1.8
Date: Mon, 20 Oct 2014 23:37:26 +0530
Source: pam-kwallet
Binary: pam-kwallet
Architecture: source
Version: 0.0~git20140429-1
Distribution: unstable
Urgency: medium
Maintainer: Rahul Amaram amaramra...@users.sourceforge.net
Changed-By: Rahul Amaram amaramra...@users.sourceforge.net
Description:
 pam-kwallet - KWallet integration with PAM
Closes: 762402
Changes:
 pam-kwallet (0.0~git20140429-1) unstable; urgency=medium
 .
   * Import to Debian (Closes: #762402)
Checksums-Sha1:
 da328e1df2e1aea61b432b1cb2d14c2d26011f9a 977 pam-kwallet_0.0~git20140429-1.dsc
 dabc1160203efd958bcf8977339eed16c0e81356 2624 
pam-kwallet_0.0~git20140429-1.debian.tar.xz
Checksums-Sha256:
 833c2b4ccc0d5c4a334af33e63b367d135aabe1c6c8db8ed3921323e53735932 977 
pam-kwallet_0.0~git20140429-1.dsc
 996be90339e50ec0cc7e0b610918e0ce428958d513f13386af3661256df176d7 2624 
pam-kwallet_0.0~git20140429-1.debian.tar.xz
Files:
 5e9780018389b417a79c4834c24db5cd 977 kde optional 
pam-kwallet_0.0~git20140429-1.dsc
 c85e9a7c72fe8b857f830ce74363387c 2624 kde optional 
pam-kwallet_0.0~git20140429-1.debian.tar.xz
Original-Maintainer: Rohan Garg rohang...@kubuntu.org



pam-kwallet_0.0~git20140429-1_i386.deb
Description: application/deb
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 20 Oct 2014 23:37:26 +0530
Source: pam-kwallet
Binary: pam-kwallet
Architecture: source i386
Version: 0.0~git20140429-1
Distribution: unstable
Urgency: medium
Maintainer: Rahul Amaram amaramra...@users.sourceforge.net
Changed-By: Rahul Amaram amaramra...@users.sourceforge.net
Description:
 pam-kwallet - KWallet integration with PAM
Closes: 762402
Changes:
 pam-kwallet (0.0~git20140429-1) unstable; urgency=medium
 .
   * Import to Debian (Closes: #762402)
Checksums-Sha1:
 53d0749ed2776dbf1a695c2417f9cf0a36b9db63 1846 pam-kwallet_0.0~git20140429-1.dsc
 d63065bedae0af508ecdcab6248bc5dcfc64cabb 2632 
pam-kwallet_0.0~git20140429-1.debian.tar.xz
 bd7acae85cdd04a43cfbbc82928c910fbaaa4eb4 9518 
pam-kwallet_0.0~git20140429-1_i386.deb
Checksums-Sha256:
 2c3f18609feb91960c7a3b168272ca744d5031369b7f33d7d8a523f427275ccc 1846 
pam-kwallet_0.0~git20140429-1.dsc
 a8abac02b9f01c4773f97089504fa69829b1f45a068a56e6c506e9a6497355ca 2632 
pam-kwallet_0.0~git20140429-1.debian.tar.xz
 16488f3321a527db508cb62c5edb6727225aeba5a4316564dbed4eeca227567b 9518 
pam-kwallet_0.0~git20140429-1_i386.deb
Files:
 025c6dccd68277f0fcbd2304c1dc633c 1846 kde optional 
pam-kwallet_0.0~git20140429-1.dsc
 37702c2a27fb7ac26b1959a87375e893 2632 kde optional 
pam-kwallet_0.0~git20140429-1.debian.tar.xz
 154651a2c35f206fc5fdc3b13438d72f 9518 kde optional 
pam-kwallet_0.0~git20140429-1_i386.deb
Original-Maintainer: Rohan Garg rohang...@kubuntu.org

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJURWiyAAoJEMxkxzcmTFut/pIP/jc/vs71P82E49XiNhCQ0C1H
fRnYKCV2AzvYbgvuDifrX/UX+ggh9xAKSaA1mCfPogNcLvwLZlm4LI9YAstLf4ex
6/4/0ZCCuy/2cuIr/25SJSz5vXzH1wTNiwaigGLAcT7lsMRwXF08U5TP1FloszG8
hGS6nvD0r/vikgM38f3MUh/aS6rkTXkcmN8/YD4y+oSbvbnAdLWoMT/IGY8glEX5
0PGXzDJQgemQZW45nPzQs+2l4/KNnAG9z0P+QOenE3XiCGWh3sTAjBYmMdFhfGfO
PbCM3n/lTjRc8yLbJpw7sWAR5rN2VOP1AKKpnr2p9pUUvHV0UeoJ+Gag/xqRFleR
CrRO2h/MyV5bNRE8Dv8VQo9fzJER1iz9ajDaMjiTvkLbc7NNsy3zt1Na8MMNlS1x
B2LfxOByx+5Qn7oK4D0bbWFM+CIu5qkiD8R7yUX+GkAiajGC44V5vazzWSuMGk3k
j+lWeHbaSUYsfu2UYVAS1QGVLzdjxIDkpzdr+WyjNwDYZ6or5itt1nWTNNYwUfnk
8MXbhR6v39EXXtCYvvoNqS0M5B3lSi3ipaMC0t38UKsu3+mgKHkd+mn8NZRUWBug
Bsw55+OY7Q7g+38N7fIFDbEgjZ3WCXuLoxP/PpLjhfwTBsN4oPnVHoJbTYSnrmcj
A9iu6nU7CyJ3HTFdOK/b
=XYWb
-END PGP SIGNATURE-

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 3.0 (quilt)
Source: pam-kwallet
Binary: pam-kwallet
Architecture: any
Version: 0.0~git20140429-1
Maintainer: Rahul Amaram amaramra...@users.sourceforge.net
Standards-Version: 3.9.6
Build-Depends: debhelper (= 9), cmake, libpam0g-dev, libgcrypt11-dev
Package-List:
 pam-kwallet deb kde optional arch=any
Checksums-Sha1:
 d106bef9c86a1e5ad2a5bb74e2faf21a8dac726a 7136 
pam-kwallet_0.0~git20140429.orig.tar.xz
 d63065bedae0af508ecdcab6248bc5dcfc64cabb 2632 
pam-kwallet_0.0~git20140429-1.debian.tar.xz
Checksums-Sha256:
 0164672678c76cba02fcbc577332a57643a47ff60a22d12101f83800b838da36 7136 
pam-kwallet_0.0~git20140429.orig.tar.xz
 a8abac02b9f01c4773f97089504fa69829b1f45a068a56e6c506e9a6497355ca 2632 
pam-kwallet_0.0~git20140429-1.debian.tar.xz
Files:
 764745b3abea37d445d8176e25a9bcf9 7136 pam-kwallet_0.0~git20140429.orig.tar.xz
 37702c2a27fb7ac26b1959a87375e893 2632 
pam-kwallet_0.0~git20140429-1.debian.tar.xz
Original-Maintainer: Rohan Garg 

Re: Reg. packaging pam-kwallet for Debian

2014-10-16 Thread Maximiliano Curia
¡Hola Rahul!

El 2014-10-14 a las 23:54 +0530, Rahul Amaram escribió:
 I would like to know if it there are any plans for packaging pam-kwallet for
 Debian Jessie (Nov 5 freeze). There is already a RFP for this - https://
 bugs.debian.org/cgi-bin/bugreport.cgi?bug=762402.

 I think it addresses a very serious security vs. usability issue and addresses
 a 10 year old feature request https://bugs.kde.org/show_bug.cgi?id=92845 :).

As I mentioned when pam_kwallet was first introduced, I think it's a bad idea
to unlock the wallet by default and to promote the use of the password as the
passphrase. As such, I don't want to invest my time in this.

But, if you prepare the package and intend to maintain it I won't mind
reviewing it.

Happy hacking,
-- 
A computer scientist is someone who, when told to Go to Hell,
sees the go to, rather than the destination, as harmful.
Saludos /\/\ /\  `/


signature.asc
Description: Digital signature
-- 
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk